pass CryptoInputParcel independently for SignEncryptOperation
This commit is contained in:
Vincent Breitmoser
parent
2050be3995
commit
d7b79e55fb
|
|
@ -28,6 +28,7 @@ import org.sufficientlysecure.keychain.pgp.PgpSignEncryptOperation;
|
|||
import org.sufficientlysecure.keychain.pgp.Progressable;
|
||||
import org.sufficientlysecure.keychain.pgp.SignEncryptParcel;
|
||||
import org.sufficientlysecure.keychain.provider.ProviderHelper;
|
||||
import org.sufficientlysecure.keychain.service.input.CryptoInputParcel;
|
||||
import org.sufficientlysecure.keychain.util.FileHelper;
|
||||
import org.sufficientlysecure.keychain.util.InputData;
|
||||
import org.sufficientlysecure.keychain.util.ProgressScaler;
|
||||
|
|
@ -55,7 +56,7 @@ public class SignEncryptOperation extends BaseOperation {
|
|||
super(context, providerHelper, progressable, cancelled);
|
||||
}
|
||||
|
||||
public SignEncryptResult execute(SignEncryptParcel input) {
|
||||
public SignEncryptResult execute(SignEncryptParcel input, CryptoInputParcel cryptoInput) {
|
||||
|
||||
OperationLog log = new OperationLog();
|
||||
log.add(LogType.MSG_SE, 0);
|
||||
|
|
@ -123,7 +124,7 @@ public class SignEncryptOperation extends BaseOperation {
|
|||
|
||||
PgpSignEncryptOperation op = new PgpSignEncryptOperation(mContext, mProviderHelper,
|
||||
new ProgressScaler(mProgressable, 100 * count / total, 100 * ++count / total, 100), mCancelled);
|
||||
PgpSignEncryptResult result = op.execute(input, inputData, outStream);
|
||||
PgpSignEncryptResult result = op.execute(input, cryptoInput, inputData, outStream);
|
||||
results.add(result);
|
||||
log.add(result, 2);
|
||||
|
||||
|
|
|
|||
|
|
@ -21,8 +21,6 @@ import android.os.Parcel;
|
|||
|
||||
import org.sufficientlysecure.keychain.util.Passphrase;
|
||||
|
||||
import java.util.Date;
|
||||
|
||||
public class PgpSignEncryptResult extends OperationResult {
|
||||
|
||||
// the fourth bit indicates a "data pending" result! (it's also a form of non-success)
|
||||
|
|
|
|||
|
|
@ -42,14 +42,12 @@ public class PgpSignEncryptInputParcel implements Parcelable {
|
|||
protected long mSignatureMasterKeyId = Constants.key.none;
|
||||
protected Long mSignatureSubKeyId = null;
|
||||
protected int mSignatureHashAlgorithm = PgpConstants.OpenKeychainHashAlgorithmTags.USE_PREFERRED;
|
||||
protected Passphrase mSignaturePassphrase = null;
|
||||
protected long mAdditionalEncryptId = Constants.key.none;
|
||||
protected boolean mFailOnMissingEncryptionKeyIds = false;
|
||||
protected String mCharset;
|
||||
protected boolean mCleartextSignature;
|
||||
protected boolean mDetachedSignature = false;
|
||||
protected boolean mHiddenRecipients = false;
|
||||
protected CryptoInputParcel mCryptoInput = new CryptoInputParcel();
|
||||
|
||||
public PgpSignEncryptInputParcel() {
|
||||
|
||||
|
|
@ -69,15 +67,12 @@ public class PgpSignEncryptInputParcel implements Parcelable {
|
|||
mSignatureMasterKeyId = source.readLong();
|
||||
mSignatureSubKeyId = source.readInt() == 1 ? source.readLong() : null;
|
||||
mSignatureHashAlgorithm = source.readInt();
|
||||
mSignaturePassphrase = source.readParcelable(loader);
|
||||
mAdditionalEncryptId = source.readLong();
|
||||
mFailOnMissingEncryptionKeyIds = source.readInt() == 1;
|
||||
mCharset = source.readString();
|
||||
mCleartextSignature = source.readInt() == 1;
|
||||
mDetachedSignature = source.readInt() == 1;
|
||||
mHiddenRecipients = source.readInt() == 1;
|
||||
|
||||
mCryptoInput = source.readParcelable(loader);
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
@ -101,15 +96,12 @@ public class PgpSignEncryptInputParcel implements Parcelable {
|
|||
dest.writeInt(0);
|
||||
}
|
||||
dest.writeInt(mSignatureHashAlgorithm);
|
||||
dest.writeParcelable(mSignaturePassphrase, 0);
|
||||
dest.writeLong(mAdditionalEncryptId);
|
||||
dest.writeInt(mFailOnMissingEncryptionKeyIds ? 1 : 0);
|
||||
dest.writeString(mCharset);
|
||||
dest.writeInt(mCleartextSignature ? 1 : 0);
|
||||
dest.writeInt(mDetachedSignature ? 1 : 0);
|
||||
dest.writeInt(mHiddenRecipients ? 1 : 0);
|
||||
|
||||
dest.writeParcelable(mCryptoInput, 0);
|
||||
}
|
||||
|
||||
public String getCharset() {
|
||||
|
|
@ -133,15 +125,6 @@ public class PgpSignEncryptInputParcel implements Parcelable {
|
|||
return this;
|
||||
}
|
||||
|
||||
public Passphrase getSignaturePassphrase() {
|
||||
return mSignaturePassphrase;
|
||||
}
|
||||
|
||||
public PgpSignEncryptInputParcel setSignaturePassphrase(Passphrase signaturePassphrase) {
|
||||
mSignaturePassphrase = signaturePassphrase;
|
||||
return this;
|
||||
}
|
||||
|
||||
public int getSignatureHashAlgorithm() {
|
||||
return mSignatureHashAlgorithm;
|
||||
}
|
||||
|
|
@ -255,19 +238,6 @@ public class PgpSignEncryptInputParcel implements Parcelable {
|
|||
return mHiddenRecipients;
|
||||
}
|
||||
|
||||
public PgpSignEncryptInputParcel setCryptoInput(CryptoInputParcel cryptoInput) {
|
||||
mCryptoInput = cryptoInput;
|
||||
return this;
|
||||
}
|
||||
|
||||
public Map<ByteBuffer, byte[]> getCryptoData() {
|
||||
return mCryptoInput.getCryptoData();
|
||||
}
|
||||
|
||||
public Date getSignatureTime() {
|
||||
return mCryptoInput.getSignatureTime();
|
||||
}
|
||||
|
||||
public static final Creator<PgpSignEncryptInputParcel> CREATOR = new Creator<PgpSignEncryptInputParcel>() {
|
||||
public PgpSignEncryptInputParcel createFromParcel(final Parcel source) {
|
||||
return new PgpSignEncryptInputParcel(source);
|
||||
|
|
|
|||
|
|
@ -44,6 +44,7 @@ import org.sufficientlysecure.keychain.pgp.exception.PgpGeneralException;
|
|||
import org.sufficientlysecure.keychain.pgp.exception.PgpKeyNotFoundException;
|
||||
import org.sufficientlysecure.keychain.provider.KeychainContract.KeyRings;
|
||||
import org.sufficientlysecure.keychain.provider.ProviderHelper;
|
||||
import org.sufficientlysecure.keychain.service.input.CryptoInputParcel;
|
||||
import org.sufficientlysecure.keychain.ui.util.KeyFormattingUtils;
|
||||
import org.sufficientlysecure.keychain.util.InputData;
|
||||
import org.sufficientlysecure.keychain.util.Log;
|
||||
|
|
@ -99,7 +100,7 @@ public class PgpSignEncryptOperation extends BaseOperation {
|
|||
/**
|
||||
* Signs and/or encrypts data based on parameters of class
|
||||
*/
|
||||
public PgpSignEncryptResult execute(PgpSignEncryptInputParcel input,
|
||||
public PgpSignEncryptResult execute(PgpSignEncryptInputParcel input, CryptoInputParcel cryptoInput,
|
||||
InputData inputData, OutputStream outputStream) {
|
||||
|
||||
int indent = 0;
|
||||
|
|
@ -173,31 +174,17 @@ public class PgpSignEncryptOperation extends BaseOperation {
|
|||
}
|
||||
|
||||
// if no passphrase was explicitly set try to get it from the cache service
|
||||
if (input.getSignaturePassphrase() == null) {
|
||||
try {
|
||||
// returns "" if key has no passphrase
|
||||
input.setSignaturePassphrase(getCachedPassphrase(signingKey.getKeyId()));
|
||||
// TODO
|
||||
// log.add(LogType.MSG_DC_PASS_CACHED, indent + 1);
|
||||
} catch (PassphraseCacheInterface.NoSecretKeyException e) {
|
||||
// TODO
|
||||
// log.add(LogType.MSG_DC_ERROR_NO_KEY, indent + 1);
|
||||
return new PgpSignEncryptResult(PgpSignEncryptResult.RESULT_ERROR, log);
|
||||
}
|
||||
|
||||
// if passphrase was not cached, return here indicating that a passphrase is missing!
|
||||
if (input.getSignaturePassphrase() == null) {
|
||||
log.add(LogType.MSG_PSE_PENDING_PASSPHRASE, indent + 1);
|
||||
PgpSignEncryptResult result = new PgpSignEncryptResult(PgpSignEncryptResult.RESULT_PENDING_PASSPHRASE, log);
|
||||
result.setKeyIdPassphraseNeeded(signingKey.getKeyId());
|
||||
return result;
|
||||
}
|
||||
if (cryptoInput.getPassphrase() == null) {
|
||||
log.add(LogType.MSG_PSE_PENDING_PASSPHRASE, indent + 1);
|
||||
PgpSignEncryptResult result = new PgpSignEncryptResult(PgpSignEncryptResult.RESULT_PENDING_PASSPHRASE, log);
|
||||
result.setKeyIdPassphraseNeeded(signingKey.getKeyId());
|
||||
return result;
|
||||
}
|
||||
|
||||
updateProgress(R.string.progress_extracting_signature_key, 0, 100);
|
||||
|
||||
try {
|
||||
if (!signingKey.unlock(input.getSignaturePassphrase())) {
|
||||
if (!signingKey.unlock(cryptoInput.getPassphrase())) {
|
||||
log.add(LogType.MSG_PSE_ERROR_BAD_PASSPHRASE, indent);
|
||||
return new PgpSignEncryptResult(PgpSignEncryptResult.RESULT_ERROR, log);
|
||||
}
|
||||
|
|
@ -283,7 +270,7 @@ public class PgpSignEncryptOperation extends BaseOperation {
|
|||
boolean cleartext = input.isCleartextSignature() && input.isEnableAsciiArmorOutput() && !enableEncryption;
|
||||
signatureGenerator = signingKey.getDataSignatureGenerator(
|
||||
input.getSignatureHashAlgorithm(), cleartext,
|
||||
input.getCryptoData(), input.getSignatureTime());
|
||||
cryptoInput.getCryptoData(), cryptoInput.getSignatureTime());
|
||||
} catch (PgpGeneralException e) {
|
||||
log.add(LogType.MSG_PSE_ERROR_NFC, indent);
|
||||
return new PgpSignEncryptResult(PgpSignEncryptResult.RESULT_ERROR, log);
|
||||
|
|
@ -497,7 +484,7 @@ public class PgpSignEncryptOperation extends BaseOperation {
|
|||
// Note that the checked key here is the master key, not the signing key
|
||||
// (although these are always the same on Yubikeys)
|
||||
result.setNfcData(signingKey.getKeyId(), e.hashToSign, e.hashAlgo,
|
||||
input.getSignaturePassphrase());
|
||||
cryptoInput.getPassphrase());
|
||||
Log.d(Constants.TAG, "e.hashToSign" + Hex.toHexString(e.hashToSign));
|
||||
return result;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -21,12 +21,9 @@ package org.sufficientlysecure.keychain.pgp;
|
|||
import android.net.Uri;
|
||||
import android.os.Parcel;
|
||||
|
||||
import org.sufficientlysecure.keychain.util.Passphrase;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.Collection;
|
||||
import java.util.Collections;
|
||||
import java.util.Date;
|
||||
import java.util.List;
|
||||
|
||||
/** This parcel stores the input of one or more PgpSignEncrypt operations.
|
||||
|
|
|
|||
|
|
@ -284,23 +284,21 @@ public class OpenPgpService extends RemoteService {
|
|||
long inputLength = is.available();
|
||||
InputData inputData = new InputData(is, inputLength);
|
||||
|
||||
CryptoInputParcel cryptoInput = new CryptoInputParcel(nfcCreationDate);
|
||||
CryptoInputParcel cryptoInput = new CryptoInputParcel(nfcCreationDate, passphrase);
|
||||
cryptoInput.addCryptoData(null, nfcSignedHash); // TODO fix
|
||||
|
||||
// sign-only
|
||||
PgpSignEncryptInputParcel pseInput = new PgpSignEncryptInputParcel()
|
||||
.setSignaturePassphrase(passphrase)
|
||||
.setEnableAsciiArmorOutput(asciiArmor)
|
||||
.setCleartextSignature(cleartextSign)
|
||||
.setDetachedSignature(!cleartextSign)
|
||||
.setVersionHeader(null)
|
||||
.setSignatureHashAlgorithm(PgpConstants.OpenKeychainHashAlgorithmTags.USE_PREFERRED)
|
||||
.setSignatureMasterKeyId(signKeyId)
|
||||
.setCryptoInput(cryptoInput);
|
||||
.setSignatureMasterKeyId(signKeyId);
|
||||
|
||||
// execute PGP operation!
|
||||
PgpSignEncryptOperation pse = new PgpSignEncryptOperation(this, new ProviderHelper(getContext()), null);
|
||||
PgpSignEncryptResult pgpResult = pse.execute(pseInput, inputData, os);
|
||||
PgpSignEncryptResult pgpResult = pse.execute(pseInput, cryptoInput, inputData, os);
|
||||
|
||||
if (pgpResult.isPending()) {
|
||||
if ((pgpResult.getResult() & PgpSignEncryptResult.RESULT_PENDING_PASSPHRASE) ==
|
||||
|
|
@ -407,9 +405,10 @@ public class OpenPgpService extends RemoteService {
|
|||
long inputLength = is.available();
|
||||
InputData inputData = new InputData(is, inputLength, originalFilename);
|
||||
|
||||
CryptoInputParcel cryptoInput;
|
||||
|
||||
PgpSignEncryptInputParcel pseInput = new PgpSignEncryptInputParcel();
|
||||
pseInput.setSignaturePassphrase(passphrase)
|
||||
.setEnableAsciiArmorOutput(asciiArmor)
|
||||
pseInput.setEnableAsciiArmorOutput(asciiArmor)
|
||||
.setVersionHeader(null)
|
||||
.setCompressionId(compressionId)
|
||||
.setSymmetricEncryptionAlgorithm(PgpConstants.OpenKeychainSymmetricKeyAlgorithmTags.USE_PREFERRED)
|
||||
|
|
@ -439,20 +438,21 @@ public class OpenPgpService extends RemoteService {
|
|||
nfcCreationDate = new Date();
|
||||
}
|
||||
|
||||
CryptoInputParcel cryptoInput = new CryptoInputParcel(nfcCreationDate);
|
||||
cryptoInput = new CryptoInputParcel(nfcCreationDate, passphrase);
|
||||
cryptoInput.addCryptoData(null, nfcSignedHash); // TODO fix!
|
||||
|
||||
// sign and encrypt
|
||||
pseInput.setSignatureHashAlgorithm(PgpConstants.OpenKeychainHashAlgorithmTags.USE_PREFERRED)
|
||||
.setSignatureMasterKeyId(signKeyId)
|
||||
.setCryptoInput(cryptoInput)
|
||||
.setAdditionalEncryptId(signKeyId); // add sign key for encryption
|
||||
} else {
|
||||
cryptoInput = new CryptoInputParcel();
|
||||
}
|
||||
|
||||
PgpSignEncryptOperation op = new PgpSignEncryptOperation(this, new ProviderHelper(getContext()), null);
|
||||
|
||||
// execute PGP operation!
|
||||
PgpSignEncryptResult pgpResult = op.execute(pseInput, inputData, os);
|
||||
PgpSignEncryptResult pgpResult = op.execute(pseInput, cryptoInput, inputData, os);
|
||||
|
||||
if (pgpResult.isPending()) {
|
||||
if ((pgpResult.getResult() & PgpSignEncryptResult.RESULT_PENDING_PASSPHRASE) ==
|
||||
|
|
|
|||
|
|
@ -46,7 +46,6 @@ import org.sufficientlysecure.keychain.operations.results.CertifyResult;
|
|||
import org.sufficientlysecure.keychain.operations.results.ConsolidateResult;
|
||||
import org.sufficientlysecure.keychain.operations.results.DecryptVerifyResult;
|
||||
import org.sufficientlysecure.keychain.operations.results.DeleteResult;
|
||||
import org.sufficientlysecure.keychain.operations.results.EditKeyResult;
|
||||
import org.sufficientlysecure.keychain.operations.results.ExportResult;
|
||||
import org.sufficientlysecure.keychain.operations.results.ImportKeyResult;
|
||||
import org.sufficientlysecure.keychain.operations.results.OperationResult;
|
||||
|
|
@ -284,14 +283,13 @@ public class KeychainIntentService extends IntentService implements Progressable
|
|||
case ACTION_DECRYPT_METADATA: {
|
||||
|
||||
try {
|
||||
/* Input */
|
||||
/* Input */
|
||||
Passphrase passphrase = data.getParcelable(DECRYPT_PASSPHRASE);
|
||||
byte[] nfcDecryptedSessionKey = data.getByteArray(DECRYPT_NFC_DECRYPTED_SESSION_KEY);
|
||||
|
||||
InputData inputData = createDecryptInputData(data);
|
||||
|
||||
/* Operation */
|
||||
|
||||
/* Operation */
|
||||
Bundle resultData = new Bundle();
|
||||
|
||||
// verifyText and decrypt returning additional resultData values for the
|
||||
|
|
@ -549,11 +547,12 @@ public class KeychainIntentService extends IntentService implements Progressable
|
|||
|
||||
// Input
|
||||
SignEncryptParcel inputParcel = data.getParcelable(SIGN_ENCRYPT_PARCEL);
|
||||
CryptoInputParcel cryptoInput = data.getParcelable(EXTRA_CRYPTO_INPUT);
|
||||
|
||||
// Operation
|
||||
SignEncryptOperation op = new SignEncryptOperation(
|
||||
this, new ProviderHelper(this), this, mActionCanceled);
|
||||
SignEncryptResult result = op.execute(inputParcel);
|
||||
SignEncryptResult result = op.execute(inputParcel, cryptoInput);
|
||||
|
||||
// Result
|
||||
sendMessageToHandler(MessageStatus.OKAY, result);
|
||||
|
|
|
|||
|
|
@ -106,7 +106,7 @@ public abstract class EncryptActivity extends BaseActivity {
|
|||
startEncrypt(null);
|
||||
}
|
||||
|
||||
public void startEncrypt(CryptoInputParcel cryptoInput) {
|
||||
public void startEncrypt(final CryptoInputParcel cryptoInput) {
|
||||
if (!inputIsValid()) {
|
||||
// Notify was created by inputIsValid.
|
||||
return;
|
||||
|
|
@ -117,12 +117,10 @@ public abstract class EncryptActivity extends BaseActivity {
|
|||
intent.setAction(KeychainIntentService.ACTION_SIGN_ENCRYPT);
|
||||
|
||||
final SignEncryptParcel input = createEncryptBundle();
|
||||
if (cryptoInput != null) {
|
||||
input.setCryptoInput(cryptoInput);
|
||||
}
|
||||
|
||||
Bundle data = new Bundle();
|
||||
data.putParcelable(KeychainIntentService.SIGN_ENCRYPT_PARCEL, input);
|
||||
data.putParcelable(KeychainIntentService.EXTRA_CRYPTO_INPUT, cryptoInput);
|
||||
intent.putExtra(KeychainIntentService.EXTRA_DATA, data);
|
||||
|
||||
// Message is received after encrypting is done in KeychainIntentService
|
||||
|
|
@ -151,7 +149,7 @@ public abstract class EncryptActivity extends BaseActivity {
|
|||
RequiredInputParcel parcel = RequiredInputParcel.createNfcSignOperation(
|
||||
pgpResult.getNfcHash(),
|
||||
pgpResult.getNfcAlgo(),
|
||||
input.getSignatureTime());
|
||||
cryptoInput.getSignatureTime());
|
||||
startNfcSign(pgpResult.getNfcKeyId(), parcel);
|
||||
|
||||
} else {
|
||||
|
|
|
|||
|
|
@ -93,8 +93,8 @@ public class EncryptFilesFragment extends CryptoOperationFragment {
|
|||
private long mSigningKeyId = Constants.key.none;
|
||||
private Passphrase mPassphrase = new Passphrase();
|
||||
|
||||
private ArrayList<Uri> mInputUris = new ArrayList<Uri>();
|
||||
private ArrayList<Uri> mOutputUris = new ArrayList<Uri>();
|
||||
private ArrayList<Uri> mInputUris = new ArrayList<>();
|
||||
private ArrayList<Uri> mOutputUris = new ArrayList<>();
|
||||
|
||||
private ListView mSelectedFiles;
|
||||
private SelectedFilesAdapter mAdapter = new SelectedFilesAdapter();
|
||||
|
|
@ -136,7 +136,7 @@ public class EncryptFilesFragment extends CryptoOperationFragment {
|
|||
try {
|
||||
mModeInterface = (IMode) activity;
|
||||
} catch (ClassCastException e) {
|
||||
throw new ClassCastException(activity.toString() + " must be IMode");
|
||||
throw new ClassCastException(activity + " must be IMode");
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -487,12 +487,10 @@ public class EncryptFilesFragment extends CryptoOperationFragment {
|
|||
intent.setAction(KeychainIntentService.ACTION_SIGN_ENCRYPT);
|
||||
|
||||
final SignEncryptParcel input = createEncryptBundle();
|
||||
if (cryptoInput != null) {
|
||||
input.setCryptoInput(cryptoInput);
|
||||
}
|
||||
|
||||
Bundle data = new Bundle();
|
||||
data.putParcelable(KeychainIntentService.SIGN_ENCRYPT_PARCEL, input);
|
||||
data.putParcelable(KeychainIntentService.EXTRA_CRYPTO_INPUT, cryptoInput);
|
||||
intent.putExtra(KeychainIntentService.EXTRA_DATA, data);
|
||||
|
||||
// Message is received after encrypting is done in KeychainIntentService
|
||||
|
|
|
|||
|
|
@ -344,12 +344,9 @@ public class EncryptTextFragment extends CryptoOperationFragment {
|
|||
intent.setAction(KeychainIntentService.ACTION_SIGN_ENCRYPT);
|
||||
|
||||
final SignEncryptParcel input = createEncryptBundle();
|
||||
if (cryptoInput != null) {
|
||||
input.setCryptoInput(cryptoInput);
|
||||
}
|
||||
|
||||
final Bundle data = new Bundle();
|
||||
data.putParcelable(KeychainIntentService.SIGN_ENCRYPT_PARCEL, input);
|
||||
data.putParcelable(KeychainIntentService.EXTRA_CRYPTO_INPUT, cryptoInput);
|
||||
intent.putExtra(KeychainIntentService.EXTRA_DATA, data);
|
||||
|
||||
// Message is received after encrypting is done in KeychainIntentService
|
||||
|
|
|
|||
Loading…
Reference in a new issue